package com.example.ssl;

import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;



public class MyX509TrustManager implements X509TrustManager {
	
	public   MyX509TrustManager() throws Exception {
		 KeyStore ks = KeyStore.getInstance("JKS"); 
	        ks.load(new FileInputStream("trustedCerts"), //trustedCerts 可以用new File("F:\\Tool\\IDE\\Jadyer_SSL_20120508.keystore")
	            "passphrase".toCharArray()); //password.toCharArray()
	        TrustManagerFactory tmf = 
	        TrustManagerFactory.getInstance("SunX509", "SunJSSE"); 
	        tmf.init(ks); 
	        TrustManager tms [] = tmf.getTrustManagers(); 
	        for (int i = 0; i < tms.length; i++) { 
	            if (tms[i] instanceof X509TrustManager) { 
	                sunJSSEX509TrustManager = (X509TrustManager) tms[i]; 
	                return; 
	            } 
	        } 

	}
	
	
	 X509TrustManager sunJSSEX509TrustManager;
	 
	 public String getReturn(String url ,String param){
		try{
			// 创建SSLContext对象，并使用我们指定的信任管理器初始化 
	        TrustManager[] tm = { new MyX509TrustManager() }; 
	        SSLContext sslContext = SSLContext.getInstance("SSL", "SunJSSE"); 
	        sslContext.init(null, tm, new java.security.SecureRandom()); 
	        // 从上述SSLContext对象中得到SSLSocketFactory对象 
	        SSLSocketFactory ssf = sslContext.getSocketFactory(); 
	        // 创建URL对象 
	        URL myURL = new URL(url); 
	        // 创建HttpsURLConnection对象，并设置其SSLSocketFactory对象 
	        HttpsURLConnection httpsConn = (HttpsURLConnection) myURL.openConnection(); 
	        httpsConn.setSSLSocketFactory(ssf); 
	        // 取得该连接的输入流，以读取响应内容 
	        httpsConn.setConnectTimeout(5 * 1000);
	        httpsConn.setRequestMethod("POST");
	        httpsConn.setDoOutput(true);//允许输出数据
	        httpsConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
	        httpsConn.setRequestProperty("Content-Length", String.valueOf(param.length()));
	        OutputStream outStream = httpsConn.getOutputStream();
	        outStream.write(param.getBytes());
	        outStream.flush();
	        outStream.close();

	        InputStreamReader insr = new InputStreamReader(httpsConn.getInputStream()); 
	        // 读取服务器的响应内容并显示 
	        int respInt = insr.read(); 
	        StringBuffer sb=new StringBuffer();
	        while (respInt != -1) { 
	            System.out.print((char) respInt); 
	            sb.append((char) respInt);
	            respInt = insr.read(); 
	        } 
	        return sb.toString();
		}catch(Exception e){
			e.printStackTrace();
		}
	        return "";
	 }
	 
	 
	@Override
	public void checkClientTrusted(X509Certificate[] chain, String authType)
			throws CertificateException {
		 sunJSSEX509TrustManager.checkClientTrusted(chain, authType); 

		
	}

	@Override
	public void checkServerTrusted(X509Certificate[] chain, String authType)
			throws CertificateException {
		sunJSSEX509TrustManager.checkServerTrusted(chain, authType); 
		
	}

	@Override
	public X509Certificate[] getAcceptedIssuers() {
		return sunJSSEX509TrustManager.getAcceptedIssuers(); 
	}
	
	

	

}
